diff --git a/.env.sample b/.env.sample
index 3e22666..d3d66a4 100644
--- a/.env.sample
+++ b/.env.sample
@@ -11,7 +11,7 @@ LETS_ENCRYPT_ENV=production
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_SECRET_KEY_VERSION=v1  # length=32
 SECRET_UTILS_SECRET_VERSION=v1  # length=32
-SECRET_AWS_SECRET_ACCESS_KEY=v1
+SECRET_AWS_SECRET_KEY=v1
 SECRET_OIDC_CLIENT_SECRET_VERSION=v1
 
 AWS_ACCESS_KEY_ID=
@@ -23,7 +23,6 @@ AWS_S3_FORCE_PATH_STYLE=true
 AWS_S3_ACL=private
 
 OIDC_CLIENT_ID=
-OIDC_CLIENT_SECRET=
 OIDC_AUTH_URI=
 OIDC_TOKEN_URI=
 OIDC_USERINFO_URI=
diff --git a/compose.yml b/compose.yml
index 9e09f8e..627a22f 100644
--- a/compose.yml
+++ b/compose.yml
@@ -27,7 +27,7 @@ services:
       - AWS_S3_UPLOAD_BUCKET_NAME
       - AWS_S3_UPLOAD_BUCKET_URL
       - AWS_S3_UPLOAD_MAX_SIZE
-      - AWS_SECRET_ACCESS_KEY_FILE=/run/secrets/aws_secret_key
+      - AWS_SECRET_KEY_FILE=/run/secrets/aws_secret_key
       - DATABASE_PASSWORD_FILE=/run/secrets/db_password
       - FORCE_HTTPS=true
       - OIDC_AUTH_URI
@@ -84,8 +84,8 @@ secrets:
   utils_secret:
     name: ${STACK_NAME}_utils_secret_${SECRET_UTILS_SECRET_VERSION}
     external: true
-  aws_access_key:
-    name: ${STACK_NAME}_aws_access_key_${SECRET_AWS_SECRET_ACCESS_KEY_VERSION}
+  aws_secret_key:
+    name: ${STACK_NAME}_aws_secret_key_${SECRET_AWS_SECRET_KEY_VERSION}
     external: true
   oidc_client_secret:
     name: ${STACK_NAME}_oidc_client_secret_${SECRET_OIDC_CLIENT_SECRET_VERSION}
diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl
index 48311c7..88c2bf8 100644
--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
@@ -24,7 +24,7 @@ file_env() {
    unset "$fileVar"
 }
 
-file_env "AWS_SECRET_ACCESS_KEY"
+file_env "AWS_SECRET_KEY"
 file_env "OIDC_CLIENT_SECRET"
 file_env "UTILS_SECRET"
 file_env "DATABASE_PASSWORD"